Meta Security: Securing Your Security System with Automation

Research firm IHS Markit predicts that by the end of 2016, networked surveillance cameras will account for one-third of the installed base of 62 million cameras in North America. In fact, almost all new security devices are IP-based: access control panels, access control readers, door locks and fire detectors. Whether you have a handful or hundreds of these devices in your network, they are vulnerable to a growing number of security threats.

The Wall Street Journal and other media outlets recently reported on a massive denial-of-service attack launched by network cameras. According to the Journal, “Attackers used an army of hijacked security cameras and video recorders to launch several massive Internet attacks…” on French web host provider OVH and U.S. security researcher Brian Krebs. These and similar breaches are becoming more common and have been a wake-up call to the physical security industry.

Do not take for granted that your internal staff or your vendors are fully hardening your video surveillance system against security breaches. Here are the security vulnerabilities to be aware of and automation capabilities that can help.

Emerging Vulnerabilities

Many IP-based security systems have inherent vulnerabilities that can be exploited to perform cyber attacks due to the following:

Physical Exposure: By necessity, many security devices are installed outside or near doors on the network perimeter, leaving physical network ports accessible and vulnerable to a rogue laptop or other devices. There have been instances where rogue laptops have been used as intermediaries to siphon a lot of sensitive data from an organization.

Lack of Awareness: Fully hardening networked cameras against a security breach often requires a detailed understanding of network operations and a labor-intensive process. Indeed, the AXIS Communications Hardening Guide, an industry standard, has 24 pages of best practices for organizations large and small.

Unfortunately, many installers and physical security pros are not familiar with cybersecurity measures and do not have the expertise to address these issues. In addition, they rarely contemplate cybersecurity within the camera installation design. Even initially well-protected and isolated “camera-only” networks can suffer security weaknesses brought about by unintended connections that bridge to the main corporate network.

Working in Silos: Physical security and IT departments need to work in coordination to follow the organization’s network security policies and clearly define responsibility for deploying updated camera firmware issued by manufacturers to address vulnerabilities.

Device Vulnerabilities: While many security device manufacturers are better protecting their products, many network cameras and access control devices are not sufficiently hardened to protect against potential attack from emerging cyber threats.

Reducing Risk with Automation

Physical security professionals should not have to be Certified Cisco Network Associates (CCNA) to install and maintain security systems. Automated cyber protection mechanisms can reduce threats by implementing best practices for hardening IP cameras and other security devices. Automation reduces the workload and knowledge required to properly install these systems and maintains adequate protections as threats evolve.

Security managers need visibility into and control over the entire physical security ecosystem. Monitoring to the server or switch is insufficient. Visibility is needed down to the source cameras, with alerts to the security manager when cameras are damaged or settings are incorrect.

On the front end, automation tools can configure best practices such as enabling a protected VLAN for the security system, changing a camera’s default login credentials and binding the camera’s MAC-ID to switch ports to ensure that other rogue devices are not plugged into exposed Ethernet ports on the perimeter of the network.

Once the system is installed, automated cyber protections can also monitor network flows, detect abnormalities and respond immediately to suspected attacks. For example, automation tools can alert and intervene when the following threats are detected:

Cable changes: disconnecting or changing cable lengths

Connecting a new device or disconnecting an existing one

Data flow/ direction changes

Abnormal bandwidth consumption

Abnormal power consumption

Camera image quality changes

Camera connecting directly to external IP addresses

When abnormal behavior is detected, automation tools can generate alerts and take proactive interventions such as disabling a device’s data or power port.

The last thing you want is to discover that your video surveillance system was not working when a potentially devastating security incident occurred. Ensure that your physical security employees and vendors – as well as your IT staff – are fully educated and prepared to secure your video surveillance system. Look for automation to help fill in the gaps and put your security firmly where it belongs: under your full control.

Did you enjoy this article? Click here to subscribe to Security Magazine.

Tom Galvin is the founder and CEO at Razberi Technologies. As an industry expert in the development of video management software used for the electronic security and surveillance industry, Galvin has more than 25 years of experience and is the inventor of five patents on voice over IP systems, including the Razberi™ ServerSwitch™. Previously, Galvin served as the executive leader of product management and product development at GVI Security. Prior to GVI, he was the president and founder of NetVideo Consulting, where he provided strategic product consulting to manufacturers and software vendors for video surveillance products. He was also a product leader responsible for product management and development at General Electric Security and served as vice president of product development at Verint. Galvin started his telecommunications career at MCI Telecom, which is now Verizon, where he was responsible for developing network-based intelligent services. Galvin has a Bachelor of Science in Electrical Engineering from Iowa State University and a MBA from the University of Iowa.

Events

After attending this webinar, you will be able to identify and recognize how social media has changed corporate security, explore the implications of social media and make changes to your security team to compensate, obtain actionable insight into how to use social media to your advantage, utilize Real-life examples of how social media can be used as a critical dataset for effective event response

Attendees of this webinar should be able to understand the history and use of Exelon’s Insider Threat program as a necessity to support business goals and operations, identify and recognize the benefits of a holistic approach to address an Insider Threat Program, review best practices, based on Exelon’s experience, to use training and awareness in an Insider Threat Program, and assess the benefits of using physical and information security teams in an Insider Threat program to keep pace with enterprise security challenges.

Products

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

Who are the Most Influential People in Security? Find out which security leaders are making a difference in the September issue of Security magazine! Also, read about how New York is shaking up cybersecurity, changes in drone legislation, three steps to prepare for the GDPR, school surveillance savings and more.